"Fossies" - the Fresh Open Source Software Archive

Member "PHPMailer-6.4.1/get_oauth_token.php" (29 Apr 2021, 4872 Bytes) of package /linux/www/PHPMailer-6.4.1.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) PHP source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "get_oauth_token.php" see the Fossies "Dox" file reference documentation and the last Fossies "Diffs" side-by-side code changes report: 6.3.0_vs_6.4.0.

    1 <?php
    2 
    3 /**
    4  * PHPMailer - PHP email creation and transport class.
    5  * PHP Version 5.5
    6  * @package PHPMailer
    7  * @see https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
    8  * @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
    9  * @author Jim Jagielski (jimjag) <jimjag@gmail.com>
   10  * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
   11  * @author Brent R. Matzelle (original founder)
   12  * @copyright 2012 - 2020 Marcus Bointon
   13  * @copyright 2010 - 2012 Jim Jagielski
   14  * @copyright 2004 - 2009 Andy Prevost
   15  * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
   16  * @note This program is distributed in the hope that it will be useful - WITHOUT
   17  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
   18  * FITNESS FOR A PARTICULAR PURPOSE.
   19  */
   20 
   21 /**
   22  * Get an OAuth2 token from an OAuth2 provider.
   23  * * Install this script on your server so that it's accessible
   24  * as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
   25  * e.g.: http://localhost/phpmailer/get_oauth_token.php
   26  * * Ensure dependencies are installed with 'composer install'
   27  * * Set up an app in your Google/Yahoo/Microsoft account
   28  * * Set the script address as the app's redirect URL
   29  * If no refresh token is obtained when running this file,
   30  * revoke access to your app and run the script again.
   31  */
   32 
   33 namespace PHPMailer\PHPMailer;
   34 
   35 /**
   36  * Aliases for League Provider Classes
   37  * Make sure you have added these to your composer.json and run `composer install`
   38  * Plenty to choose from here:
   39  * @see http://oauth2-client.thephpleague.com/providers/thirdparty/
   40  */
   41 //@see https://github.com/thephpleague/oauth2-google
   42 use League\OAuth2\Client\Provider\Google;
   43 //@see https://packagist.org/packages/hayageek/oauth2-yahoo
   44 use Hayageek\OAuth2\Client\Provider\Yahoo;
   45 //@see https://github.com/stevenmaguire/oauth2-microsoft
   46 use Stevenmaguire\OAuth2\Client\Provider\Microsoft;
   47 
   48 if (!isset($_GET['code']) && !isset($_GET['provider'])) {
   49     ?>
   50 <html>
   51 <body>Select Provider:<br>
   52 <a href='?provider=Google'>Google</a><br>
   53 <a href='?provider=Yahoo'>Yahoo</a><br>
   54 <a href='?provider=Microsoft'>Microsoft/Outlook/Hotmail/Live/Office365</a><br>
   55 </body>
   56 </html>
   57     <?php
   58     exit;
   59 }
   60 
   61 require 'vendor/autoload.php';
   62 
   63 session_start();
   64 
   65 $providerName = '';
   66 
   67 if (array_key_exists('provider', $_GET)) {
   68     $providerName = $_GET['provider'];
   69     $_SESSION['provider'] = $providerName;
   70 } elseif (array_key_exists('provider', $_SESSION)) {
   71     $providerName = $_SESSION['provider'];
   72 }
   73 if (!in_array($providerName, ['Google', 'Microsoft', 'Yahoo'])) {
   74     exit('Only Google, Microsoft and Yahoo OAuth2 providers are currently supported in this script.');
   75 }
   76 
   77 //These details are obtained by setting up an app in the Google developer console,
   78 //or whichever provider you're using.
   79 $clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
   80 $clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
   81 
   82 //If this automatic URL doesn't work, set it yourself manually to the URL of this script
   83 $redirectUri = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
   84 //$redirectUri = 'http://localhost/PHPMailer/redirect';
   85 
   86 $params = [
   87     'clientId' => $clientId,
   88     'clientSecret' => $clientSecret,
   89     'redirectUri' => $redirectUri,
   90     'accessType' => 'offline'
   91 ];
   92 
   93 $options = [];
   94 $provider = null;
   95 
   96 switch ($providerName) {
   97     case 'Google':
   98         $provider = new Google($params);
   99         $options = [
  100             'scope' => [
  101                 'https://mail.google.com/'
  102             ]
  103         ];
  104         break;
  105     case 'Yahoo':
  106         $provider = new Yahoo($params);
  107         break;
  108     case 'Microsoft':
  109         $provider = new Microsoft($params);
  110         $options = [
  111             'scope' => [
  112                 'wl.imap',
  113                 'wl.offline_access'
  114             ]
  115         ];
  116         break;
  117 }
  118 
  119 if (null === $provider) {
  120     exit('Provider missing');
  121 }
  122 
  123 if (!isset($_GET['code'])) {
  124     //If we don't have an authorization code then get one
  125     $authUrl = $provider->getAuthorizationUrl($options);
  126     $_SESSION['oauth2state'] = $provider->getState();
  127     header('Location: ' . $authUrl);
  128     exit;
  129     //Check given state against previously stored one to mitigate CSRF attack
  130 } elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
  131     unset($_SESSION['oauth2state']);
  132     unset($_SESSION['provider']);
  133     exit('Invalid state');
  134 } else {
  135     unset($_SESSION['provider']);
  136     //Try to get an access token (using the authorization code grant)
  137     $token = $provider->getAccessToken(
  138         'authorization_code',
  139         [
  140             'code' => $_GET['code']
  141         ]
  142     );
  143     //Use this to interact with an API on the users behalf
  144     //Use this to get a new access token if the old one expires
  145     echo 'Refresh Token: ', $token->getRefreshToken();
  146 }